Skip to content

Instantly share code, notes, and snippets.

@tracphil

tracphil/GitlabConvert.py

Forked from Johannestegner/GitlabConvert.py
Created March 24, 2023 13:47
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save tracphil/0486f0d24afdf28390b2656da0615634 to your computer and use it in GitHub Desktop.
Save tracphil/0486f0d24afdf28390b2656da0615634 to your computer and use it in GitHub Desktop.
Download ZIP
Convert Clair/Paclair output into Gitlab expected output for container scanning.
Raw
GitlabConvert.py
#!/usr/bin/env python
# LICENSE: MIT
# (c) - Johannes Tegner
import sys
import json
if len(sys.argv) < 2:
sys.stderr.write('Missing image name.')
sys.exit(5)
input_name = 'clair-report.json'
output_name = 'gl-container-scanning-report.json'
if len(sys.argv) >= 3:
input_name = sys.argv[2]
if len(sys.argv) >= 4:
output_name = sys.argv[3]
output = {}
with open(input_name) as json_file:
data = json.load(json_file)
output['image'] = sys.argv[1]
output['vulnerabilities'] = []
output['unapproved'] = []
for feature in data['Layer'].get('Features', []):
if feature.get('Vulnerabilities'):
for vuln in feature['Vulnerabilities']:
output['unapproved'].append(vuln['Name'])
vulnerability = {}
vulnerability['featurename'] = feature.get('Name', 'No name')
vulnerability['featureversion'] = feature.get('Version', 'No version')
vulnerability['namespace'] = feature.get('NamespaceName', 'No namespace')
vulnerability['vulnerability'] = vuln.get('Name', 'No vulnerability name')
vulnerability['description'] = vuln.get('Description', 'No description')
vulnerability['link'] = vuln.get('Link', '')
vulnerability['severity'] = vuln.get('Severity', 'Unknown severity')
vulnerability['fixedby'] = ''
output['vulnerabilities'].append(vulnerability)
with open(output_name, 'w') as output_file:
json.dump(output, output_file)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment